commit 1020c797324e6f8707157f8bca2a6d7f68429b3c
Author: George Kadianakis <desnacked@riseup.net>
Date: Tue May 10 11:10:12 2016 -0400
prop224: Bump keylen to 2 bytes in all cells. --- proposals/224-rend-spec-ng.txt | 21 ++++++--------------- 1 file changed, 6 insertions(+), 15 deletions(-)
diff --git a/proposals/224-rend-spec-ng.txt b/proposals/224-rend-spec-ng.txt index 408a982..365f4fd 100644 --- a/proposals/224-rend-spec-ng.txt +++ b/proposals/224-rend-spec-ng.txt @@ -1067,7 +1067,7 @@ Table of contents: sends an ESTABLISH_INTRO cell with the following contents:
AUTH_KEY_TYPE [1 byte] - AUTH_KEY_LEN [1 byte] + AUTH_KEY_LEN [2 bytes] AUTH_KEY [AUTH_KEY_LEN bytes] N_EXTENSIONS [1 byte] N_EXTENSIONS times: @@ -1075,8 +1075,8 @@ Table of contents: EXT_FIELD_LEN [1 byte] EXT_FIELD [EXT_FIELD_LEN bytes] HANDSHAKE_AUTH [MAC_LEN bytes] - SIGLEN [1 byte] - SIG [SIGLEN bytes] + SIG_LEN [2 bytes] + SIG [SIG_LEN bytes]
The AUTH_KEY_TYPE field indicates the type of the introduction point authentication key and the type of the MAC to use in @@ -1100,7 +1100,7 @@ Table of contents: section 5.2, "Setting circuit keys". It prevents replays of ESTABLISH_INTRO cells.
- SIGLEN is the length of the signature. + SIG_LEN is the length of the signature.
SIG is a signature, using AUTH_KEY, of all contents of the cell, up to but not including SIG. These contents are prefixed with the string @@ -1123,15 +1123,6 @@ Table of contents: Otherwise, the node must associate the key with the circuit, for use later in INTRODUCE1 cells.
- [TODO: The above will work fine with what we do today, but it will do - quite badly if we ever freak out and want to go back to RSA2048 or - bigger. Do we care?] - [Do we lose much by making AUTH_KEY_LEN and SIGLEN 2 bytes each? Or, - even crazier, do we lose much by making those two variable sizes, - defined by whichever value of AUTH_KEY_TYPE you pick? I guess we - don't know how big it is if we don't recognize the key type, but we - are already planning to refuse the intro request then. -RD] - 3.1.2. Registering an introduction point on a legacy Tor node [LEGACY_EST_INTRO]
Tor nodes should also support an older version of the ESTABLISH_INTRO @@ -1203,7 +1194,7 @@ Table of contents:
LEGACY_KEY_ID [20 bytes] AUTH_KEY_TYPE [1 byte] - AUTH_KEY_LEN [1 byte] + AUTH_KEY_LEN [2 bytes] AUTH_KEY [AUTH_KEY_LEN bytes] N_EXTENSIONS [1 byte] N_EXTENSIONS times: @@ -1294,7 +1285,7 @@ Table of contents: EXT_FIELD_LEN [1 byte] EXT_FIELD [EXT_FIELD_LEN bytes] ONION_KEY_TYPE [1 bytes] - ONION_KEY_LEN [1 bytes] + ONION_KEY_LEN [2 bytes] ONION_KEY [ONION_KEY_LEN bytes] NSPEC (Number of link specifiers) [1 byte] NSPEC times:
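Review bot: The widened "AUTH_KEY_LEN [2 bytes]" and "SIG_LEN [2 bytes]" fields in the ESTABLISH_INTRO layout (hunks @@ -1067 and @@ -1075) carry no byte order and no upper bound in the visible text. A 2-byte length can announce far more data than the cell holds, so the description should state the byte order (network order, if that is the document's convention) and require the receiving node to reject the cell when either length exceeds the bytes remaining in the cell or disagrees with the size implied by AUTH_KEY_TYPE. Without that sentence, each implementation chooses its own handling of an oversized length.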
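Review bot: The @@ -1123 hunk deletes the bracketed TODO and the "-RD" comment without leaving any rationale in the spec for the 2-byte choice. The deleted text also held the only visible statement that an intro request with an unrecognized key type is refused. Suggest replacing the block with one or two normative sentences: why the length fields are 2 bytes (room for larger key and signature types such as the RSA2048 case the TODO mentions) and what a node must do when it does not recognize AUTH_KEY_TYPE.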
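Review bot: In the @@ -1203 hunk only "AUTH_KEY_LEN" is widened for the cell that begins with "LEGACY_KEY_ID [20 bytes]", whereas the @@ -1075 hunk also widens the signature length for the non-legacy cell. If the legacy layout has its own signature length field further down, it needs the same change to match the commit subject ("in all cells"). If it has none, a short remark in the commit message would remove the doubt. Since the rename from SIGLEN to SIG_LEN is only visible in two places, also search the rest of the file for remaining uses of the old name.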
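Review bot: Style nit in the @@ -1294 hunk: the context line directly above the change reads "ONION_KEY_TYPE [1 bytes]" while every other single-byte field in the patch uses "[1 byte]". Since the adjacent "ONION_KEY_LEN" line is being edited anyway, correct the unit on the type line in the same commit so the field table is consistent.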
tor-commits@lists.torproject.org